RE: good solution for VPN?
From: Aaron Burke (aburke_at_nullplusone.com)
Date: 10/20/03
- Previous message: Aleksandar Simonovski: "freebsd+natd+ipfw+DENY P2P"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: <jake@yaknetworks.com>, <freebsd-stable@freebsd.org>, <freebsd-net@freebsd.org> Date: Mon, 20 Oct 2003 04:48:50 -0700
> Anyone got a good solution for a freebsd VPN server to windows
> clients? Tried
> poptop, but not really working for me any other ideas? Thanks in advance.
I currently use mpd to run VPN links. The windows machines work the same as
if I had a Windows NT/2000/Server 2003 server running the links.
I installed the 'mpd' system from ports/net/mpd. Then created the following
files in /usr/local/etc/mpd/.
mpd.conf
mpd.links
mpd.secret
The installation of the port did not seem to create the files with the
appropriate ownerships. So make sure that your files are owned by
root:wheel .
mpd.conf basically tells mpd (Multi-link PPP daemon) what to load, and the
options that each connection needs.
mpd.links basically tells mpd what to do with each connection. This is
usually a pretty simple file.
and mpd.secret tells mpd what the valid users and passwords can be. This
file should only be readable by root. Take a look at mpd.secret.sample .
I am also including my config files (modified for my security) for you
to take a look at. And for the list that may read this as well, I have
converted the files to the Microsoft crlf format. All addresses that
are listed as 1.2.3.4 gets swapped out with your public internet address.
And for firewall rules, if they apply, you need to make sure that port
1723 gets redirected to your VPN server. (even if its the local machine)
And finally, you may want to make sure that the following file exists
/usr/local/etc/rc.d/mpd.sh with executable permissions set if you want
the server to load itself on startup. If it doesnt exist it is attached
to this email as well.
And yes, I realise that getting a VPN up and running can be a pain in the
but. But if you have any questions about it feel free to get in touch
with me via email.
>
> Thanks,
And for the sake of everyone else, this question really should be directed
to -net. So I request that further discussion on the matter be moved
there. This list is for people that wish to discuss comments and report
bugs etc about freebsd-stable.
>
> Jake
Aaron Burke
aburke@nullplusone.com
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"
- application/octet-stream attachment: mpd.conf
- application/octet-stream attachment: mpd.sh
- application/octet-stream attachment: mpd.secret
- application/octet-stream attachment: mpd.links
- Previous message: Aleksandar Simonovski: "freebsd+natd+ipfw+DENY P2P"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
